SuiteCRM · SuiteCRM · CVE-2024-36419
**Name of the Vulnerable Software and Affected Versions**
SuiteCRM versions prior to 8.6.1
**Description**
A vulnerability in SuiteCRM allows for Host Header Injection when directly accessing the "/legacy" route. This issue affects versions prior to 8.6.1.
**Recommendations**
For versions prior to 8.6.1, update to version 8.6.1 to resolve the issue. As a temporary workaround, consider restricting access to the "/legacy" route until the patch is applied.
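
The following is an added detection example, not part of the original advisory or of SuiteCRM's code: until the update or workaround is in place, it scans access-log lines for requests to "/legacy" that arrived with a Host header outside an allowlist. The log layout, the hostname `crm.example.com` and every sample line are assumptions constructed for the example.

```python
import re

# Assumption: hostnames this deployment legitimately serves (placeholder value).
ALLOWED_HOSTS = {"crm.example.com"}

# Assumed log layout (constructed for this example): the received Host header
# is logged first, then the client IP, the quoted request line and the status.
LINE_RE = re.compile(
    r'^(?P<host>\S+) (?P<client>\S+) '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})$'
)

def normalize_host(value):
    """Lower-case the Host value, drop an optional port and a trailing dot."""
    host = value.strip().lower()
    if host.startswith("["):  # bracketed IPv6 literal, e.g. [::1]:8080
        return host[: host.find("]") + 1]
    return host.split(":", 1)[0].rstrip(".")

def is_legacy_path(target):
    """True when the request path is /legacy itself or anything below it."""
    path = target.split("?", 1)[0]
    return path == "/legacy" or path.startswith("/legacy/")

def find_suspect_requests(lines):
    """Return parsed entries for /legacy requests whose Host is not allowlisted."""
    suspects = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # line does not fit the assumed layout
        if is_legacy_path(m["target"]) and normalize_host(m["host"]) not in ALLOWED_HOSTS:
            suspects.append(m.groupdict())
    return suspects

# Constructed sample input; addresses come from documentation ranges.
SAMPLE_LOG = [
    'crm.example.com 198.51.100.7 "GET /legacy/index.php?module=Home HTTP/1.1" 200',
    'CRM.example.com:443 198.51.100.7 "GET /legacy HTTP/1.1" 200',
    'unexpected.example.net 203.0.113.9 "GET /legacy/index.php HTTP/1.1" 302',
    'unexpected.example.net 203.0.113.9 "GET /api/graphql HTTP/1.1" 200',
    'crm.example.com 203.0.113.9 "GET /legacy-docs HTTP/1.1" 404',
]

if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print(f'{hit["client"]} sent Host "{hit["host"]}" to {hit["target"]}')
```

The check only works if the log records the Host header exactly as the client sent it, before any proxy rewrites it.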